Commit Graph

22165 Commits

Author SHA1 Message Date
David Garske 4741a0b696 Merge pull request #6508 from JacobBarthelmeh/fuzzing
sanity check on send fatal alert return
2023-06-15 20:13:49 -07:00
David Garske 78b78428e7 Merge pull request #6512 from SparkiDev/math_enc_mem_exptmod
Math, Encrypted Memory: mod exp fix
2023-06-15 19:52:41 -07:00
Sean Parkinson e17f86d145 TFM: fix big endian reading a zero length buffer
Bail early as big endian implementation doesn't handle it.
2023-06-16 10:58:51 +10:00
Sean Parkinson beef8b0014 outputBuffer - use idx field
dtls13.c:
Change end of outputBuffer data calculations to use function
GetOutputBuffer().
  Use idx when calculating unused byte count of outputBuffer.

internal.c:
Change end of outputBuffer data calculations to use function
GetOutputBuffer().
  Use GetOutputBuffer() to calculate end of data in outputBuffer.
  GrowOutputBuffer():
Calculate new size to allocate to include already written data in
case of static buffer.
    Copy all data including already written count (idx).
  CheckAvailableSize():
    Don't subtract idx from length when checking MTU size.
Do subtract idx from bufferSize to determine count of unused bytes
in outputBuffer.
2023-06-16 10:29:52 +10:00
Sean Parkinson a1e8aa7269 test.c, scrypt: bench embedded reduce heap usage
Don't do scrypt test cases that allocate 1MB of memory when
BENCH_EMBEDDED is defined.
2023-06-16 10:16:34 +10:00
Daniel Pouzzner 970663f8a1 in wolfSSL_ERR_reason_error_string(), unconditionally convert positive error codes to negative, and in switch(), match against negated values of OpenSSL positive codes like WOLFSSL_ERROR_WANT_READ. fixes #6514 2023-06-15 17:42:03 -05:00
dell5060 7926ceb120 Updated Key gen to convert the keys located in /certs/statickeys to be used in buffers 2023-06-15 15:33:11 -06:00
Sean Parkinson 7153dd70a6 Math, Encrypted Memory: mod exp fix
The modular exponentiation implementations in sp_int.c and tfm.c are not
safe when using Encrypted Memory.
Cannot have two pieces of memory where one changes and the other doesn't
based on private value.
Use extra variable to hold the two new values and assign them both back
at the same time in a safe manner.

Alternative implementations used when WC_PROTECT_ENCRYPTED_MEM is
defined.
2023-06-16 07:28:47 +10:00
JacobBarthelmeh 5b81dc47d2 adjust location used for writing to output buffer 2023-06-14 21:01:12 -07:00
JacobBarthelmeh 8f29111aac fix for nightly toolchain armv7 build warning 2023-06-14 14:13:59 -06:00
Daniel Pouzzner 902d47aaa1 wolfcrypt/test/test.c: fix scoping of hkdf_test();
wolfcrypt/test/test.h: include <wolfssl/wolfcrypt/types.h> to be sure sword32 is available.
2023-06-14 15:06:13 -05:00
JacobBarthelmeh 0a860c793f adjust test case to handle error of peer closing down 2023-06-14 12:21:52 -07:00
JacobBarthelmeh 9e0c13bbdb sanity check on send fatal alert return 2023-06-14 11:08:56 -07:00
Daniel Pouzzner bb5e09c394 wolfssl/wolfcrypt/settings.h: refactor ssize_t setup to be more flexible, with NO_WC_SSIZE_TYPE and WC_SSIZE_TYPE override options, and no use of autotools-style HAVE_SSIZE_T. 2023-06-14 12:28:50 -05:00
Daniel Pouzzner e843a7bd1e wolfcrypt/test/test.{c,h}: add wc_test_ret_t, and 'L' long int suffixes on relevant numeric literals, to facilitate passing around 32 bit retvals in the WC_TEST_RET_*() system on 16 bit targets. 2023-06-14 12:28:50 -05:00
Daniel Pouzzner 131b7c2bcf wolfcrypt/src/chacha20_poly1305.c: refactor ssize_t uses in wc_XChaCha20Poly1305_crypt_oneshot() as long int, for portability. 2023-06-14 12:28:50 -05:00
Andras Fekete 76cf3d61a0 Calling 'nc' makes the server unresponsive 2023-06-14 09:54:23 -04:00
Andras Fekete 20df12e5f7 This should add a check to make sure the server is up before connecting 2023-06-14 09:20:06 -04:00
Sean Parkinson 82cc988226 Merge pull request #6495 from JacobBarthelmeh/build
update check for stdatomic header file
2023-06-14 14:00:04 +10:00
Sean Parkinson cdb3d6df40 Merge pull request #6502 from JacobBarthelmeh/release
prepare for 5.6.3
2023-06-14 13:59:41 +10:00
Sean Parkinson 0db49ef83a ECC, ALT_ECC_SIZE, CryptoCB: ensure err is 0 in _ecc_make_key_ex
When CryptoCB is used and the key gen operation is not implemented, err
is CRYPTOCB_UNAVAILABLE and needs to be reset to 0.
2023-06-14 10:12:04 +10:00
JacobBarthelmeh 72536e0e10 prepare for 5.6.3 2023-06-13 14:47:06 -06:00
David Garske fe7502a50e Fix for SP math all and ECC with compressed keys (missing sp_add_d). Reproduce using: ./configure --disable-rsa --disable-dh --enable-compkey --disable-pkcs12 && make. 2023-06-13 11:39:24 -07:00
Eric Blankenhorn 58c1c0c31b Merge pull request #6499 from douzzer/20230612-windows-fixes
20230612-windows-fixes
2023-06-13 12:32:01 -05:00
Daniel Pouzzner 03a6eed037 wolfcrypt/src/{aes.c,blake2b.c,siphash.c}: fix W64LIT() arguments to not have improper 'U' suffix;
wolfssl/wolfcrypt/types.h: add 'U' suffix to W64LIT() macro defs, and add SW64LIT() macro defs (not yet used anywhere);

wolfcrypt/src/asn.c: add !WOLFSSL_ECC_CURVE_STATIC gate around DataToHexStringAlloc() to resolve -Wunused;

wolfcrypt/src/ecc.c: guard against zero-valued "len" arg to wc_ecc_get_curve_id_from_oid();

wolfcrypt/src/wc_port.c: fix several argument implicit sign changes in USE_WINDOWS_API paths;

wolfssl/wolfcrypt/ecc.h: remove const attribute from inline buffers in WOLFSSL_ECC_CURVE_STATIC struct ecc_set_type.
2023-06-12 23:15:08 -05:00
JacobBarthelmeh 47036d0166 update check for stdatomic header file 2023-06-12 13:48:24 -06:00
JacobBarthelmeh 9ffa9faecd Merge pull request #6491 from ejohnstown/fix-imp-conv
Implicit Type Conversion Fix
v5.6.2-stable
2023-06-09 13:19:18 -06:00
John Safranek 7b0283fa04 Implicit Type Conversion Fix
1. Typecast the return of strlen() to int for the variable used.
2023-06-09 11:13:44 -07:00
John Safranek a56070cd70 Merge pull request #6490 from JacobBarthelmeh/release
Prepare for release 5.6.2
2023-06-09 11:00:10 -07:00
JacobBarthelmeh 353a2926b6 add check for stdatomic.h 2023-06-09 09:52:01 -07:00
JacobBarthelmeh 032ac405db prepare for release 5.6.2 2023-06-09 05:51:18 -07:00
JacobBarthelmeh c59cc92379 Merge pull request #6488 from douzzer/20230608-linuxkm-__is_constexpr
20230608-linuxkm-__is_constexpr
2023-06-08 14:48:19 -06:00
Daniel Pouzzner e35cb5bc3d linuxkm/linuxkm_wc_port.h: override definition of __is_constexpr() from /usr/src/linux/include/linux/const.h with warning-free __builtin_constant_p(). 2023-06-08 14:43:05 -05:00
John Safranek 3f1dd32f4e Merge pull request #6487 from JacobBarthelmeh/fuzzing
sanity check on socket return value for timeout with DTLS13
2023-06-08 10:41:41 -07:00
JacobBarthelmeh 0d591f1111 Merge pull request #6485 from SparkiDev/coverity_api_c_fixes
Coverity fixes: api.c
2023-06-08 09:25:08 -06:00
Sean Parkinson 897a865090 Merge pull request #6477 from JacobBarthelmeh/stm32
add sanity check on hash size with STM32 port
2023-06-08 22:21:19 +10:00
Sean Parkinson e5bb09f281 Coverity fixes: api.c
Fixes from coverity scan in the file api.c.
2023-06-08 22:18:05 +10:00
JacobBarthelmeh 938a48d9b1 sanity check on socket return value for timeout with DTLS13 2023-06-08 02:37:21 -06:00
Sean Parkinson 66d222adfc Merge pull request #6484 from JacobBarthelmeh/cov
coverity scan fixes
2023-06-08 10:06:18 +10:00
JacobBarthelmeh 4a4a769512 check on allocation of new node before dereferencing 2023-06-07 15:20:23 -06:00
JacobBarthelmeh 84979900a7 avoid use after free in error case 2023-06-07 15:13:13 -06:00
JacobBarthelmeh 14990ad92d set return bio to null after free on error 2023-06-07 15:05:52 -06:00
JacobBarthelmeh fb5413cea0 account for null terminator with SEP serail number 2023-06-07 14:59:07 -06:00
JacobBarthelmeh ebc62f8d17 clear extension string and avoid potential double free 2023-06-07 14:41:47 -06:00
JacobBarthelmeh d796aa12fc free up memory with othername object on error 2023-06-07 13:29:41 -06:00
JacobBarthelmeh c399fba4ce set ext pointer to null after free'ing it 2023-06-07 13:23:43 -06:00
Jacob Barthelmeh 327645ff2a add additional STM32 ECC sanity check to sign 2023-06-07 10:26:40 -07:00
Jacob Barthelmeh 2a0b244393 add sanity check on hash size with STM32 port 2023-06-07 10:26:40 -07:00
JacobBarthelmeh c040b4a339 Merge pull request #6478 from SparkiDev/kyber_fixes_1
Kyber: allow compilation with limited sizes with liboqs
2023-06-07 11:24:08 -06:00
JacobBarthelmeh 8583cc65fa Merge pull request #6471 from SparkiDev/tests_api_expect_3
Test api.c: change more tests to use Expect instead of Assert
2023-06-07 11:22:23 -06:00